forked from M-Labs/it-infra
aux: ipv6
This commit is contained in:
parent
fb745a11e3
commit
a7450362ce
@ -4,6 +4,7 @@ let
|
||||
netifWan = "enp0s25";
|
||||
netifLan = "enp3s0";
|
||||
netifWifi = "wlp1s0";
|
||||
netifSit = "henet0";
|
||||
in
|
||||
{
|
||||
imports =
|
||||
@ -43,18 +44,43 @@ in
|
||||
address = "192.168.1.1";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
ipv6.addresses = [{
|
||||
address = "2001:470:f891:1::";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
};
|
||||
networking.interfaces."${netifWifi}" = {
|
||||
ipv4.addresses = [{
|
||||
address = "192.168.15.1";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
ipv6.addresses = [{
|
||||
address = "2001:470:f891:2::";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
};
|
||||
|
||||
networking.sits."${netifSit}" = {
|
||||
dev = netifWan;
|
||||
remote = "216.218.221.6";
|
||||
local = "94.190.212.123";
|
||||
ttl = 255;
|
||||
};
|
||||
networking.interfaces."${netifSit}".ipv6 = {
|
||||
addresses = [{ address = "2001:470:18:390::2"; prefixLength = 64; }];
|
||||
routes = [{ address = "::"; prefixLength = 0; }];
|
||||
};
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = "1";
|
||||
boot.kernel.sysctl."net.ipv6.conf.default.forwarding" = "1";
|
||||
boot.kernel.sysctl."net.ipv6.conf.${netifLan}.accept_dad" = "0";
|
||||
boot.kernel.sysctl."net.ipv6.conf.${netifWifi}.accept_dad" = "0";
|
||||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [ 53 ];
|
||||
allowedUDPPorts = [ 53 67 ];
|
||||
trustedInterfaces = [ netifLan ];
|
||||
};
|
||||
|
||||
services.bind = {
|
||||
enable = true;
|
||||
listenOn = [];
|
||||
@ -72,6 +98,9 @@ in
|
||||
bind-interfaces
|
||||
dhcp-range=interface:${netifLan},192.168.1.81,192.168.1.254,24h
|
||||
dhcp-range=interface:${netifWifi},192.168.15.10,192.168.15.254,24h
|
||||
enable-ra
|
||||
dhcp-range=interface:${netifLan},::,constructor:${netifLan},ra-names
|
||||
dhcp-range=interface:${netifWifi},::,constructor:${netifWifi},ra-only
|
||||
|
||||
no-resolv
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user